usermod: Appending to Additional Groups

This is one of those things that I found out the hard way long long ago.

When using the usermod command in Linux to add additional groups if you want to only list the new groups the user is in you must use the -aG flags rather than a simple -G.

When specifying -G by itself you are telling usermod to change the users additional groups to the groups specified and only those groups. The user will be removed from any other group. If you use -aG then the groups mentioned are appended and not removed.

Here are some examples:

[[email protected] ~]# id bcane  
uid=500(bcane) gid=500(bcane) groups=500(bcane),100(users)

My user has a primary group of bcane and an additional group of users

[[email protected] ~]# usermod -G wheel bcane  
[[email protected] ~]# id bcane  
uid=500(bcane) gid=500(bcane) groups=500(bcane),10(wheel)

My user now has a primary group of bcane and an additional group of wheel. It was removed from the users group via the usermod command.

[[email protected] ~]# usermod -aG users bcane  
[[email protected] ~]# id bcane  
uid=500(bcane) gid=500(bcane) groups=500(bcane),10(wheel),100(users)

Now my user is part of both the users and wheel group because I asked usermod to append the additional groups.

-G, --groups _GROUP1_[_,GROUP2,_[_,GROUPN_]]] 

A list of supplementary groups which the user is also a member of. Each group is separated from the next by a comma, with no intervening whitespace. The groups are subject to the same restrictions as the group given with the -g option. If the user is currently a member of a group which is not listed, the user will be removed from the group. This behavior can be changed via -a option, which appends user to the current supplementary group list.

Benjamin Cane
Principal Engineer, Vice President

Benjamin Cane is Principal Engineer at American Express. He has more than 16 years of experience with roles in both systems and software engineering. He leverages both his systems and software skills to build end-to-end platforms. Platforms, purpose built for performance and resiliency. Benjamin is also the author of Red Hat Enterprise Linux - Troubleshooting Guide (2015, Packt Publishing), and he has published many popular articles on topics such as Linux, Docker, Python, Go and Performance Tuning. Thoughts and Opinions expressed in my articles are my own.